How to keep your Python source code secure?

[HunterAP]

I've looked for ways to do this, and it's led me to this page.

Problem is, this page basically comes down to "you can not keep it safe".

 

Unless you run all your programs a services that users access over the network, but do not actually acquire the source code, Python source code can't be kept private and secure, correct?

 

I'm currently using Cython to compile my Python code into C, but this code gets imported into the main program regardless, which means it's slightly harder to read, but still readable.

Is there a way to prevent people from seeing your Python source code, or a way to make the Cython-compiled code be imported into a C compiler and assembled into an executable that cannot be decompiled?

[Guest]

I’ve heard that people find ways to encrypt it after compiling but no matter what I think they have your code if they want it. 

 

Its kinda like DRM. If they want to break it, they’ll find a way. 

[2FA]

Since Python is an interpreter based language, no. You have to supply source to the interpreter at time of run. You can obfuscate it somewhat but the source will eventually be read if someone decides to put time into it.

[Guest]

3 minutes ago, 2FA said:

Since Python is an interpreter based language, no. You have to supply source to the interpreter at time of run. You can obfuscate it somewhat but the source will eventually be read if someone decides to put time into it.

OP mentioned he compiled his python. 

[HunterAP]

The next solution I saw is using Cython according to this article.

The thing is, Cython now compiles the source code into C and PYD files, where even though the C files are easily readable, the PYD files are not easily decompiled. Now my question is, how do I use the PYD files directly?

[2FA]

12 minutes ago, fpo said:

OP mentioned he compiled his python. 

Yeah I'm rereading the last bit.

6 minutes ago, HunterAP said:

The next solution I saw is using Cython according to this article.

The thing is, Cython now compiles the source code into C and PYD files, where even though the C files are easily readable, the PYD files are not easily decompiled. Now my question is, how do I use the PYD files directly?

.c files are C source code files, you still need to use a C compiler.

 

EDIT: Okay the .pyd file is basically the equivalent of a .dll file. You import the .pyd into Python.

[2FA]

You'll want to create a pretty general main program in Python (which imports your .pyd) and turn it into a .exe with py2exe.

[wasab]

Open sourced code is love.  

[HunterAP]

4 hours ago, wasab said:

Open sourced code is love.  

Open source is great, up until you have program you want to license but not license the source code 

 

15 hours ago, 2FA said:

You'll want to create a pretty general main program in Python (which imports your .pyd) and turn it into a .exe with py2exe.

Perfect, so the process is basically:

1. Write code
2. Compile with Cython into the .pyd or .so files.
3. Make a basic main program that imports the DLL's.
4. Compile the entire thing into an executable with py2exe.

Thank you so much!

[2FA]

7 minutes ago, HunterAP said:

Open source is great, up until you have program you want to license but not license the source code 

 

Perfect, so the process is basically:

1. Write code
2. Compile with Cython into the .pyd or .so files.
3. Make a basic main program that imports the DLL's.
4. Compile the entire thing into an executable with py2exe.

Thank you so much!

Pretty much yeah, just call your functions in the main program and all of the complex code is in the DLLs.

 

If you plan on writing more licensed software in the future, I would highly recommend using a purely compiled language. That way the entirety of your code is hidden.

[HunterAP]

5 minutes ago, 2FA said:

Pretty much yeah, just call your functions in the main program and all of the complex code is in the DLLs.

 

If you plan on writing more licensed software in the future, I would highly recommend using a purely compiled language. That way the entirety of your code is hidden.

One of the reasons I've shifted over from the first languages I've learned (C, C++, C#, Java) is because it is a lot of work involved in writing the actual program. When I first took a Python course at Uni, I fell in love with it, and when I found out I can have the writability of Python with the speed of a compiled program with Cython, it was an amazing realization.

 

Granted those other languages are more secure (maybe not so much Java and C# since you can decompile those programs), I still like Python too much to go back 

[2FA]

3 minutes ago, HunterAP said:

One of the reasons I've shifted over from the first languages I've learned (C, C++, C#, Java) is because it is a lot of work involved in writing the actual program. When I first took a Python course at Uni, I fell in love with it, and when I found out I can have the writability of Python with the speed of a compiled program with Cython, it was an amazing realization.

 

Granted those other languages are more secure (maybe not so much Java and C# since you can decompile those programs), I still like Python too much to go back 

It's fine to like a language but's important to understand it's just a tool and using the appropriate tool for the job is key.

[vorticalbox]

2 hours ago, HunterAP said:

One of the reasons I've shifted over from the first languages I've learned (C, C++, C#, Java) is because it is a lot of work involved in writing the actual program. When I first took a Python course at Uni, I fell in love with it, and when I found out I can have the writability of Python with the speed of a compiled program with Cython, it was an amazing realization.

 

Granted those other languages are more secure (maybe not so much Java and C# since you can decompile those programs), I still like Python too much to go back 

I spemd the last uear writing python scripts and selling them on forums, most were one off scripts so not much problem of code stealing.

 

 

[wasab]

13 minutes ago, vorticalbox said:

I spemd the last uear writing python scripts and selling them on forums, most were one off scripts so not much problem of code stealing.

 

 

I am willing to pay good money for a grinder bot for Star Trek online  

[HunterAP]

3 hours ago, vorticalbox said:

I spemd the last uear writing python scripts and selling them on forums, most were one off scripts so not much problem of code stealing.

 

 

Writing one-offs is easy and relatively quick, writing bigger projects (5000+ lines) doesn't seem like something you'd want to share will-nilly.

[vorticalbox]

11 hours ago, wasab said:

I am willing to pay good money for a grinder bot for Star Trek online  

I would love to, I actually enjoy building bots I have created a few, but I work 40 hours a week and week ends I spend with my family.

 

If I find myself with some free time I'll have a look.

 

8 hours ago, HunterAP said:

Writing one-offs is easy and relatively quick, writing bigger projects (5000+ lines) doesn't seem like something you'd want to share will-nilly.

That's true, depending on the program you might be able to make a front end on a website that calls the script. That allows you to control who has access with a login or some other way of running code on a server without giving them direct access to the source.

[NoOverflow]

I'm sorry but you've used the bad technology

There 2 options here :

-Rewrite in a compiled language (basically C++ to kept object oriented aspect of your code), you said your code is 5000+ lines, it's not a big project so translation will be relatively fast

-Run it on a server and make an API for your users

 

But you seems a little paranoiac

The average user won't steal your code

[HarryNyquist]

You could also obfuscate your code using various tools.

 

The problem is, if someone REALLY is dedicated, they'll get in, regardless of the language used.

[Dat Guy]

Write in C.

 

Problem solved.

[HunterAP]

6 hours ago, Dat Guy said:

Write in C.

 

Problem solved.

Sounds like an awful time, I've spent enough time in C and C++ to know that I don't like dealing memory allocation and pointers/references.

 

7 hours ago, NoOverflow said:

I'm sorry but you've used the bad technology

There 2 options here :

-Rewrite in a compiled language (basically C++ to kept object oriented aspect of your code), you said your code is 5000+ lines, it's not a big project so translation will be relatively fast

-Run it on a server and make an API for your users

 

But you seems a little paranoiac

The average user won't steal your code

Option 1 is more difficult than I'd like to deal with in personal projects.

Option 2 is probably what I'm going to go with, since that's what Google and other companies do by running their scripts as services through the web.

 

I wouldn't say I'm paranoid, I'm just concerned with writing a freelance-type program and making sure it isn't re-used and modified without permission from me or the people I give it to. I can make it open-source, but that opens a slew of other issues.

[Beskamir]

Theoretically anything can be disassembled (which is illegal but when has illegality stopped the dedicated) so...

[simson0606]

You could take a look at obfuscation tools, these are commonly used in .net or java applications. It does not prevent anyone disassembling the code, but it will definitely give them a harder time. (of course a dedicated person will still figure it out, but you might not have had them as a paying customer anyway)

[abdullah2993]

if you are targeting windows then just use py2exe and then just distribute the binary.